Domain name operations for the DNS module. All functions are stateless and operate on strings in trailing-dot FQDN form (e.g. "example.com."). Provides normalization, validation, comparison, label manipulation, and search list expansion (ndots logic).
| Name | Signature |
|---|---|
normalize | normalize(name) -> normalized |
is_fqdn | is_fqdn(name) -> fqdn |
labels | labels(name) -> label_list |
label_count | label_count(name) -> count |
is_valid | is_valid(name) -> valid |
equal | equal(a, b) -> eq |
is_subdomain | is_subdomain(child, parent) -> is_sub |
parent | parent(name) -> parent_name |
apply_search | apply_search(name, search_list, ndots) -> candidates |
encode_0x20 | encode_0x20(name) -> randomized |
verify_0x20 | verify_0x20(sent, received) -> match |
canonical_compare | canonical_compare(a, b) -> cmp |
normalize(
name) ->normalized
Lowercase a name and ensure trailing dot
is_fqdn(
name) ->fqdn
Check if a name has a trailing dot (fully qualified)
labels(
name) ->label_list
Split a domain name into a table of labels (excluding root)
label_count(
name) ->count
Count the number of labels in a domain name (excluding root)
is_valid(
name) ->valid
Validate a domain name per RFC1035 constraints
Validates that each label is 1-63 bytes, total wire length ≤ 253,
characters are [%w%-_], and no label starts or ends with a hyphen.
Underscores are allowed for SRV records, DKIM, DMARC, etc.
equal(
a,b) ->eq
Case-insensitive domain name comparison
is_subdomain(
child,parent) ->is_sub
Check if child is a strict subdomain of parent
Returns true if child ends with .parent and child ≠ parent.
Root (".") is parent of all names except itself.
parent(
name) ->parent_name
Strip the leftmost label from a name
apply_search(
name,search_list,ndots) ->candidates
Expand a name with search list and ndots logic
If name is FQDN (trailing dot), returns it as-is (single candidate). Otherwise, counts dots in the name:
If dots >= ndots: try as-is first, then append each search domain
If dots < ndots: try search domains first, then as-is
The as-is form always gets a trailing dot appended.
encode_0x20(
name) ->randomized
Randomize the case of ASCII letters in a domain name (0x20 encoding)
Implements the 0x20 bit-toggling technique for DNS query name encoding. Each ASCII letter is randomly uppercased or lowercased, adding ~1 bit of entropy per letter. Non-letter characters (digits, hyphens, dots) are unchanged. Used by dns.client to detect spoofed responses — a legitimate resolver echoes the question name verbatim, preserving the random casing.
verify_0x20(
sent,received) ->match
Verify that a response name matches the 0x20-encoded query name exactly
Byte-for-byte comparison (case-sensitive). Returns true only if the received name is identical to the sent name, including the randomized casing applied by encode_0x20(). A legitimate recursive resolver echoes the question section verbatim.
canonical_compare(
a,b) ->cmp
Compare two domain names in DNSSEC canonical order
Returns -1 if a < b, 0 if a == b, 1 if a > b in canonical DNS name order (RFC 4034 Section 6.1). Names are compared label by label from the rightmost (closest to root) to leftmost. Shorter names sort before longer names when all compared labels match.